package com.hm.system.web;

import java.util.List;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

import com.hm.common.annotation.AuthenticationAnnotation;
import com.hm.common.annotation.RequestPlanAnnotation;
import com.hm.common.model.ControllerResult;
import com.hm.system.mongo.vo.system.SysRoleInfoVo;
import com.hm.system.mongo.vo.system.SysUserInfoVo;
import com.hm.system.share.service.mongo.system.SysRoleInfoService;
import com.hm.system.share.service.mongo.system.SysUserInfoService;
import com.hm.system.util.SystemConfigDef.Api.Rest;
import com.hm.system.web.su.BaseController;

import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;

/**
 * @author shishun.wang
 * @date 2016年6月2日 下午11:17:52
 * @version 1.0
 * @describe 授权管理
 */
@ResponseBody
@RestController
@RequestMapping(value = Rest.Sys.REST_SYS_AUTH_INFO)
public class SysAuthController extends BaseController {

	public static final String swaggerTag = "系统授权管理";

	@Autowired
	private SysUserInfoService sysUserInfoService;

	@Autowired
	private SysRoleInfoService sysRoleInfoService;
	
	@AuthenticationAnnotation
	@RequestMapping(value = "/{userId}/roles", method = RequestMethod.PUT)
	@ApiOperation(value = "添加用户角色权限", httpMethod = "PUT", notes = "为系统用户授予角色", tags = swaggerTag)
	@RequestPlanAnnotation(title = "添加用户角色权限", content = "为系统用户授予角色")
	public ResponseEntity<ControllerResult<String>> addUserRoles(
			@ApiParam(required = true, name = "userId", value = "系统用户ID") @PathVariable String userId,
			@ApiParam(required = true, name = "roleIds", value = "角色id") @RequestParam List<String> roleIds) {
		try {
			SysUserInfoVo sysUserInfoVo = sysUserInfoService.getSysUserInfo(userId);
			if(null != sysUserInfoVo){
				sysUserInfoVo.setRoleIds(roleIds);
				
				String userInfoId = sysUserInfoService.updateSysUserInfo(sysUserInfoVo, currentUserId());
				if (StringUtils.isEmpty(userInfoId)) {
					return ControllerResult.failed("授权失败");
				}
				return ControllerResult.success(userInfoId, "授权成功");
			}
			return ControllerResult.failed("授权失败");
		} catch (Exception e) {
			return ControllerResult.failed(e);
		}
	}

	@AuthenticationAnnotation
	@RequestMapping(value = "/{roleId}/menus", method = RequestMethod.PUT)
	@ApiOperation(value = "添加角色菜单权限", httpMethod = "PUT", notes = "为系统角色授予菜单权限", tags = swaggerTag)
	@RequestPlanAnnotation(title = "添加角色菜单权限", content = "为系统角色授予菜单权限")
	public ResponseEntity<ControllerResult<String>> addRoleMenus(
			@ApiParam(required = true, name = "roleId", value = "系统角色ID") @PathVariable String roleId,
			@ApiParam(required = true, name = "menuIds", value = "菜单id") @RequestParam List<String> menuIds) {
		try {
			SysRoleInfoVo sysRoleInfo = sysRoleInfoService.getSysRoleInfo(roleId);
			if(null != sysRoleInfo){
				sysRoleInfo.setMenuIds(menuIds);
				String roleInfoId = sysRoleInfoService.updateSysRoleInfo(sysRoleInfo, currentUserId());
				if (StringUtils.isEmpty(roleInfoId)) {
					return ControllerResult.failed("授权失败");
				}
				return ControllerResult.success(roleInfoId, "授权成功");
			}
			return ControllerResult.failed("授权失败");
		} catch (Exception e) {
			return ControllerResult.failed(e);
		}
	}
}
